class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

  helper_method :current_user
  before_filter :only_for_html, :require_login

  private
  # def set_cache_buster
  #   response.headers["Cache-Control"] = "no-cache, no-store, max-age=0, must-revalidate"
  #   response.headers["Pragma"] = "no-cache"
  #   response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT"
  # end

  def current_user
    @current_user ||= Users.find(session[:user_id]) if session[:user_id]
  end

  def only_for_html
    #binding.pry
    return if request.xhr?
    render('admin/sessions/index') if request.format.html?
  end

  def require_login
    current_user.nil?
  end
end
